github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Enables sanitizing of json request bodies in the apache module for native log format

Browse Source
This commit is contained in:
florian-eichelberger
2017-05-30 22:05:16 -03:00
committed by Felipe Zimmerle
parent 4ee1d9c179
commit f86de566d1
2 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
apache2/msc_json.c
View File

@@ -16,6 +16,8 @@
#ifdef WITH_YAJL
char *base_offset=NULL;
int json_add_argument(modsec_rec *msr, const char *value, unsigned length)
{
msc_arg *arg = (msc_arg *) NULL;
@@ -48,6 +50,8 @@ int json_add_argument(modsec_rec *msr, const char *value, unsigned length)
*/
arg->value = apr_pstrmemdup(msr->mp, value, length);
arg->value_len = length;
arg->value_origin_len = length;
arg->value_origin_offset = value-base_offset;
arg->origin = "JSON";
if (msr->txcfg->debuglog_level >= 9) {
@@ -273,6 +277,7 @@ int json_init(modsec_rec *msr, char **error_msg) {
int json_process_chunk(modsec_rec *msr, const char *buf, unsigned int size, char **error_msg) {
if (error_msg == NULL) return -1;
*error_msg = NULL;
base_offset=buf;
/* Feed our parser and catch any errors */
msr->json->status = yajl_parse(msr->json->handle, buf, size);